- Posts: 1
- Thank you received: 0
IPCop URL redirection...
16 years 11 months ago #26536
by maxlee
IPCop URL redirection... was created by maxlee
Hello all,
it seems to be very nice and informative form...
i think somebody in here might be able to help...
i am using Ipcop with an addon called TCAR, made by Ivan S. Rublev www.onmind.ru/tcar/tcaren.htm
it basically give access to specified users using their mac's and ip's and give specific amount of traffic (daily/weekly/monthly).... if limit exceeded user is blocked till the next period...
currently if a user is blocked, all his traffic will be rejected...
what i want is that instead of rejecting all the traffic, i want to redirect all his http traffic to local webserver showing a page that he has exceeded his limit...
i have gone threw the code of the addon and found where i need to add my rules for this to happen... using iptables... PREROUTING with DNAT and POSTROUTING with SNAT...
it is supposed to be the same as using transparent proxy but in this case it's just a webserver with 404 page being the same index page...
unfortunately for unknown reason (at least to me), it's not working... the user time out when trying to open any website...
here are the rules i added
iptables -t nat -I CUSTOMPREROUTING -i eth0 -s $userip -p tcp --dport 80 -j DNAT --to 192.168.4.3:80
iptables -t nat -I CUSTOMPOSTROUTING -o eth0 -s $userip -d 192.168.4.3 -p tcp --sport 80 -j SNAT --to 192.168.4.1
the strange thing that they are added correctly to the chains but they don't work...
there is already another rules to block everything thing else from the user... which is working perfectly...
Does anybody have any idea how to archive this???
maybe it is easier to have a proxy in the middle but if it's not a must i don't want to use proxy... i used proxy before and noticed that it takes so much resources which i am not really willing to offer...
Any help on the topic is highly appreciated... Regards....
it seems to be very nice and informative form...
i think somebody in here might be able to help...
i am using Ipcop with an addon called TCAR, made by Ivan S. Rublev www.onmind.ru/tcar/tcaren.htm
it basically give access to specified users using their mac's and ip's and give specific amount of traffic (daily/weekly/monthly).... if limit exceeded user is blocked till the next period...
currently if a user is blocked, all his traffic will be rejected...
what i want is that instead of rejecting all the traffic, i want to redirect all his http traffic to local webserver showing a page that he has exceeded his limit...
i have gone threw the code of the addon and found where i need to add my rules for this to happen... using iptables... PREROUTING with DNAT and POSTROUTING with SNAT...
it is supposed to be the same as using transparent proxy but in this case it's just a webserver with 404 page being the same index page...
unfortunately for unknown reason (at least to me), it's not working... the user time out when trying to open any website...
here are the rules i added
iptables -t nat -I CUSTOMPREROUTING -i eth0 -s $userip -p tcp --dport 80 -j DNAT --to 192.168.4.3:80
iptables -t nat -I CUSTOMPOSTROUTING -o eth0 -s $userip -d 192.168.4.3 -p tcp --sport 80 -j SNAT --to 192.168.4.1
the strange thing that they are added correctly to the chains but they don't work...
there is already another rules to block everything thing else from the user... which is working perfectly...
Does anybody have any idea how to archive this???
maybe it is easier to have a proxy in the middle but if it's not a must i don't want to use proxy... i used proxy before and noticed that it takes so much resources which i am not really willing to offer...
Any help on the topic is highly appreciated... Regards....
Time to create page: 0.079 seconds